<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<?php
include "connection.php";
session_start();
$order_user = $_SESSION['userid'];
$order_name = $_SESSION['username'];
$order_department = $_SESSION['department'];
date_default_timezone_set('prc');

$order_product_id = $_POST['post_id'];
$order_date     = $_POST['post_date'];
$order_date2    = $_POST['post_date2'];
$order_diliver    = $_POST['diliver'];
$order_num     = $_POST['post_num'];
$order_price   = $_POST['post_price'];
$order_id      = date('Ymdhis',time());
$order_one_price = $order_price/$order_num;

$temp  = str_replace("年","",$order_date);
$temp1 = str_replace("月","",$temp);
$temp2 = str_replace("日","",$temp1);
$search_key    = substr($temp2,0,-2);

$orderondate=date("Y年m月d日H时i分s秒",time());



if(($order_user)&&($order_name))
{






$tableProduct = "product";
$result = mysql_query("select * from $tableProduct where product_id ='$order_product_id'");

while ($row = mysql_fetch_array($result)) {
    $product_name = $row['product_name'];
    $product_week = $row['week'];
    $product_at   = $row['at'];
}





$tableOrder = "orderlist";

$sql = "insert into $tableOrder (
order_id,
user_id,
user_name,
user_department,
product_name,
product_num,
diliver,
product_id,
product_price,
order_date,
order_week,
order_at,
order_price,
ondate,
search_key
) value (
'$order_id',
'$order_user',
'$order_name',
'$order_department',
'$product_name',
'$order_num',
'$order_diliver',
'$order_product_id',
'$order_one_price',
'$order_date',
'$product_week',
'$product_at',
'$order_price',
'$orderondate',
'$search_key'
)";
$query = mysql_query($sql) or die ("下单失败，请返回！");

$tableUser = "user";
$resultUser = mysql_query("select * from $tableUser where user_id ='$order_user'");

while ($row = mysql_fetch_array($resultUser)) {
    $balance = $row['balance'];
}

$updata_price = $balance - $order_price;
$sqlUser = "update $tableUser set balance = '$updata_price' where user_id = '$order_user'";
$queryUser = mysql_query($sqlUser) or die ("扣款失败，请返回！");

}

else
{
    echo "订单异常";
}

?>

</body>
</html>